$ rpki-client -vvf rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft File: 2h2yzTH0VPaVYdhmXck--BLzl7A.mft (raw, json) Hash identifier: XDkGbroPVhnBNiD6BaOc+/yDiXDG0YTWdRaiU28T9jA= Subject key identifier: 45:98:0A:83:D2:36:9D:7C:23:F4:BC:4E:6F:52:E6:E5:D6:B6:5C:AC Authority key identifier: DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 Certificate issuer: /CN=A919A7CA/serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Certificate serial: 010D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft Manifest number: 0106 Signing time: Sat 29 Mar 2025 04:27:26 +0000 Manifest this update: Sat 29 Mar 2025 04:27:25 +0000 Manifest next update: Sat 05 Apr 2025 04:27:25 +0000 Files and hashes: 1: 2h2yzTH0VPaVYdhmXck--BLzl7A.crl (hash: UIoRZ5BoyhgBWarMmQRTNwHy4PqABbj3/f1NM7sDbtw=) 2: 730B201A81E911EEAEFE7735C4F9AE02.roa (hash: +MbNfxyhCamzN9tHOdSAmjfpdzIa0MaUiU8CGByu53M=) 3: 4317395081E611EE9EFE132BC4F9AE02.roa (hash: nEgdbI6cuLNeRuLPJnkG4QO1ReMDMeUPyTkJXfsO5xE=) 4: E71AB92A7F7D11EE8C183162C4F9AE02.roa (hash: shdTH9d6PBZ6zz9OKDDb+zRKMfpyDz4E/FhykKTuDEk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 04:27:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 269 (0x10d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A7CA Validity Not Before: Mar 29 04:27:25 2025 GMT Not After : Apr 5 04:27:25 2025 GMT Subject: CN=67e776ad-cca9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:78:b4:ae:e9:14:cb:9f:dd:d5:b7:c0:6b:2c: d7:89:30:94:13:5d:80:ab:ae:b5:33:0e:e5:9c:bb: c9:7b:6d:c2:1f:32:29:92:ac:c5:00:30:12:e6:3e: 82:12:68:60:3e:53:74:1c:3c:85:98:f2:01:6d:61: e9:b5:04:34:72:35:a5:68:f6:d4:5d:14:dc:1d:15: 9f:7f:d7:38:c1:03:c2:4f:0c:2b:e4:04:ed:28:70: 28:28:48:60:9b:ee:0b:2c:e7:8b:76:8a:12:cd:ae: 72:9c:04:e9:66:45:f8:a0:07:8f:bd:52:51:f9:96: 53:c1:d1:33:0b:26:57:1f:f2:e2:04:f3:50:b8:93: 90:7a:ae:11:42:df:f4:1a:b2:ca:c2:62:da:4f:ec: 30:56:f8:ce:ac:ea:4d:47:ca:53:e1:84:78:8c:3a: a4:41:ce:78:7b:c5:ff:ed:39:f8:6b:75:b0:fe:38: b3:88:c8:ab:56:4a:35:2c:b9:03:06:86:47:0e:c9: 28:cc:4e:5b:6e:ad:ea:fc:ec:60:0a:c9:54:e9:26: 2b:e4:96:a3:c4:b6:89:37:91:14:da:b3:1e:5f:98: 3e:a7:b7:04:a8:ca:dd:48:db:03:38:a8:2f:27:0f: fd:bd:a5:04:8e:71:a3:61:66:37:cc:17:76:72:14: 21:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:98:0A:83:D2:36:9D:7C:23:F4:BC:4E:6F:52:E6:E5:D6:B6:5C:AC X509v3 Authority Key Identifier: keyid:DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:05:b2:25:80:33:15:75:6c:aa:b1:d1:be:87:2f:30:78:d1: 22:39:45:ff:9a:5d:74:eb:11:33:97:ab:36:f5:5b:d4:a2:34: 69:d2:c3:20:f1:f9:61:d3:89:4f:36:ef:b8:94:d2:94:88:4b: 95:45:9a:58:d4:6c:dc:1f:3e:ab:93:60:ff:0d:0a:99:49:bd: b1:b4:d6:5e:9d:f8:02:54:da:e0:ed:22:d2:30:d6:e0:26:6d: 7f:cc:c3:e7:5c:1c:3d:90:55:62:3a:87:f0:bd:7a:d9:ac:9b: e7:53:3a:ef:10:04:fd:3a:60:f4:25:73:90:6e:f9:9d:6f:27: 84:40:d6:51:17:2e:8c:59:6e:e5:10:21:59:1d:70:0b:60:02: be:99:43:a6:36:a7:62:4c:21:e5:c7:86:1c:25:ad:3a:40:6c: 37:94:21:a5:62:82:6e:31:17:23:ec:03:ae:56:80:df:a0:b1: 08:84:51:a3:82:af:ba:ca:aa:93:f6:79:81:cc:61:18:e5:1f: 33:4e:82:1a:d3:5b:25:29:82:0a:53:d8:55:e4:ff:a3:f5:1c: ec:2d:da:04:b8:6b:e5:8d:f1:e0:8d:19:a9:ef:76:84:da:90: f0:77:b7:9c:f5:b8:3c:09:dc:34:f1:f7:1f:10:81:6b:d5:6b: a2:e3:8b:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3Q0ExMTAvBgNVBAUTKERBMURCMkNEMzFGNDU0RjY5NTYxRDg2NjVEQzkzRUY4 MTJGMzk3QjAwHhcNMjUwMzI5MDQyNzI1WhcNMjUwNDA1MDQyNzI1WjAYMRYwFAYD VQQDEw02N2U3NzZhZC1jY2E5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4Xi0rukUy5/d1bfAayzXiTCUE12Aq661Mw7lnLvJe23CHzIpkqzFADAS5j6C EmhgPlN0HDyFmPIBbWHptQQ0cjWlaPbUXRTcHRWff9c4wQPCTwwr5ATtKHAoKEhg m+4LLOeLdooSza5ynATpZkX4oAePvVJR+ZZTwdEzCyZXH/LiBPNQuJOQeq4RQt/0 GrLKwmLaT+wwVvjOrOpNR8pT4YR4jDqkQc54e8X/7Tn4a3Ww/jiziMirVko1LLkD BoZHDskozE5bbq3q/OxgCslU6SYr5JajxLaJN5EU2rMeX5g+p7cEqMrdSNsDOKgv Jw/9vaUEjnGjYWY3zBd2chQhNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEWYCoPS Np18I/S8Tm9S5uXWtlysMB8GA1UdIwQYMBaAFNodss0x9FT2lWHYZl3JPvgS85ew MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTdDQS80Q0Y3RjE1ODdF QjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQYVZZZGhtWGNrLS1CTHps N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJoMnl6VEgwVlBhVllkaG1YY2stLUJMemw3QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QTdDQS80Q0Y3RjE1ODdFQjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQ YVZZZGhtWGNrLS1CTHpsN0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAHBbIlgDMVdWyqsdG+hy8weNEiOUX/ml106xEzl6s29VvUojRp0sMg 8flh04lPNu+4lNKUiEuVRZpY1GzcHz6rk2D/DQqZSb2xtNZenfgCVNrg7SLSMNbg Jm1/zMPnXBw9kFViOofwvXrZrJvnUzrvEAT9OmD0JXOQbvmdbyeEQNZRFy6MWW7l ECFZHXALYAK+mUOmNqdiTCHlx4YcJa06QGw3lCGlYoJuMRcj7AOuVoDfoLEIhFGj gq+6yqqT9nmBzGEY5R8zToIa01slKYIKU9hV5P+j9RzsLdoEuGvljfHgjRmp73aE 2pDwd7ec9bg8Cdw08fcfEIFr1Wui44tT -----END CERTIFICATE-----Generated at Fri Apr 4 22:34:47 2025 by rpki-client